Added needed container access permissions

CDCgov · Dec 5, 2023 · 4cd0cf4 · 4cd0cf4
1 parent 63f61cc
commit 4cd0cf4
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/operations/template/storage.tf b/operations/template/storage.tf
@@ -13,3 +13,9 @@ resource "azurerm_storage_container" "metadata" {
   storage_account_name  = azurerm_storage_account.storage.name
   container_access_type = "private"
 }
+
+resource "azurerm_role_assignment" "allow_api_read_write" {
+  scope                = azurerm_storage_container.metadata.id
+  role_definition_name = "Storage Blob Data Contributor"
+  principal_id         = azurerm_linux_web_app.api.identity.0.principal_id
+}